Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS

🗓️ 21 Dec 2020 00:00:00Reported by Marco NappiType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 212 Views

Flexmonster Pivot Table & Charts 2.7.17 'Remote JSON' Reflected XSS vulnerability by Marco Napp

Related
Code
ReporterTitlePublishedViews
Family
Circl		CVE-2020-20139
18 Dec 202002:43
circl
CNNVD		Flexmonster Pivot Table & Charts Cross-Site Scripting Vulnerability
17 Dec 202000:00
cnnvd
CVE		CVE-2020-20139
17 Dec 202022:38
cve
Cvelist		CVE-2020-20139
17 Dec 202022:38
cvelist
EUVD		EUVD-2020-12926
7 Oct 202500:30
euvd
NVD		CVE-2020-20139
17 Dec 202023:15
nvd
Packet Storm		Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting
17 Dec 202000:00
packetstorm
Prion		Cross site scripting
17 Dec 202023:15
prion
RedhatCVE		CVE-2020-20139
22 May 202515:17
redhatcve
# Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS
# Date: 08/01/2020
# Exploit Author: Marco Nappi
# Vendor Homepage: https://www.flexmonster.com/
# Version: Flexmonster Pivot Table & Charts 2.7.17
# Tested on: Flexmonster Pivot Table & Charts 2.7.17
# CVE : CVE-2020-20139

Cross Site Scripting (XSS) vulnerability in the Remote JSON component 

Reflected XSS:
The Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php). Below I have provided an example URL. When using this URL the user navigates to an non-existing file (the XSS payload). This results in the execution of the payload.

payload:
<svg onload=alert("OpenRemoteJSON")><!--

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Dec 2020 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS 24.3
CVSS 3.16.1
EPSS0.00626
xss vulnerabilityinput sanitizationremote jsonfile specificationscve-2020-20139flexmonster pivot table & charts
212